Organize your hackathon

Privacy Policy

This Privacy Policy explains how Kreativdistrikt SRL (“we”, “us”, “our”) collects, uses, and protects your personal data when you use our website or services. It also explains your rights under applicable data protection laws, including the General Data Protection Regulation (GDPR).

By using our services, you agree to the collection and use of information in accordance with this Privacy Policy.

1. Data Controller

Kreativdistrikt SRL is the Data Controller of your personal data.

Kreativdistrikt SRL
Via Petrarca 22
20123 Milan
Italy
Email: info@kreativdistrikt.com

We operate worldwide, except in embargoed countries.

2. Services

We provide innovation and creative services, including the organisation of hackathons, ideathons, and similar events, both online and offline.

Our website (https://www.kreativdistrikt.com/) provides information about our services and allows users to contact us and purchase services.

No user accounts are required to use our website.

3. Personal Data We Collect

We may collect the following categories of personal data:

3.1 Data provided directly by you

  • Name
  • Email address
  • Phone number
  • Company name
  • Message content (contact forms or inquiries)
  • CVs and application materials (event participation)
  • Participant data provided during events

3.2 Event-related data

When you participate in our events, we may also process:

  • Attendance records
  • Submitted projects or materials
  • Event-related communications
  • Work produced during events
  • Intellectual property-related information is relevant to the event terms

3.3 Media data

  • Photographs and video recordings taken during events (where applicable)

4. How We Collect Data

We collect data:

  • Directly from you (forms, applications, event participation)
  • Automatically via website analytics tools
  • Through third-party event platforms used to manage events

We use third-party platforms such as HackSquad (or equivalent event management systems) to facilitate event participation and operations.

5. Legal Basis for Processing

We process personal data in accordance with the legal bases provided under Article 6 of the General Data Protection Regulation (GDPR). Depending on the specific context, the legal bases include:

  • Performance of a contract (Art. 6(1)(b) GDPR):
    When processing is necessary for the performance of a contract with you or to take steps before entering into a contract. This includes managing event participation, delivering services, and processing related requests.
  • Consent (Art. 6(1)(a) GDPR):
    When you have given clear consent for us to process your personal data for specific purposes, such as the use of photographs or video recordings for promotional purposes, or the use of non-essential cookies and similar tracking technologies.
  • Legitimate interests (Art. 6(1)(f) GDPR):
    When processing is necessary for our legitimate interests, provided that such interests are not overridden by your fundamental rights and freedoms. This includes website analytics, service improvement, security, and the prevention of fraud or misuse.
  • Legal obligation (Art. 6(1)(c) GDPR):
    When processing is necessary to comply with applicable legal obligations, including accounting, tax, and regulatory requirements.

Where processing is based on legitimate interests, you have the right to object to such processing at any time.

6. Use of Personal Data

We use personal data for the following purposes:

  • Providing and managing our services
  • Organising and administering events
  • Processing event applications and participation
  • Communicating with users
  • Managing inquiries submitted through the website
  • Improving our services and operations
  • Marketing and promotional activities (where consent applies)
  • Documenting events (including photos and videos, where applicable)
  • Managing business relationships and contracts

Data is retained only for as long as necessary to fulfil the purposes described in this Privacy Policy and in accordance with applicable legal and contractual obligations, as specified in Section 3 (Data Retention).

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to operate and improve our website.

We use:

  • Google Analytics
  • Meta (Facebook) Pixel
  • LinkedIn Insight Tag

Cookies may be:

  • Necessary cookies (required for website functionality)
  • Analytics cookies (website performance measurement)
  • Marketing cookies (advertising and audience targeting)

We use Standard Contractual Clauses (SCCs) approved by the European Commission for data transfers outside the EEA.

8. Third-Party Services

We use third-party service providers to support the operation of our website and the organisation of our services and events.

These third parties may process personal data on our behalf or, in some cases, as independent data controllers. They include, but are not limited to:

  • hosting and infrastructure providers (e.g. GoDaddy)
  • email and communication services (e.g. Gmail / Google Workspace)
  • analytics and marketing tools (e.g. Google Analytics, Meta Pixel, LinkedIn Insight Tag)
  • event management platforms (e.g. HackSquad or equivalent providers)

Where these providers act as data processors, they process personal data strictly in accordance with our instructions and applicable data processing agreements.

When they act as independent controllers, their processing is governed by their own privacy policies.

We encourage users to review the privacy policies of these third-party providers.

We remain committed to ensuring that any third-party processing of personal data complies with applicable data protection laws, including the GDPR.

9. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), including countries that may not provide the same level of data protection as within the EEA.

This may occur in connection with our use of service providers and platforms such as hosting providers, analytics services, marketing tools, and event management systems.

Where such transfers take place, we ensure that appropriate safeguards are implemented to protect your personal data in accordance with the GDPR. These safeguards may include:

  • the use of Standard Contractual Clauses (SCCs) approved by the European Commission;
  • implementation of appropriate technical and organisational security measures;
  • reliance on adequacy decisions issued by the European Commission, where applicable.

We take all reasonably necessary steps to ensure that your personal data remains protected and treated in accordance with this Privacy Policy and applicable data protection laws.

10. CVs, Applications, and Project / Intellectual Property Data

When you apply to participate in our events or submit materials such as CVs, applications, or project-related content, we process your personal data for:

  • evaluating applications and determining eligibility for participation in events
  • managing event organisation and participation
  • facilitating collaboration and execution of event-related activities
  • communicating with participants in relation to the event

CVs and application materials are processed solely for evaluation and selection purposes related to the relevant event.

Project submissions and related materials may be processed in the context of your participation in our events and in accordance with the applicable event terms and conditions. This may include processing information related to intellectual property rights, ownership, or usage of submitted work, as defined in the relevant contractual or event-specific documentation.

Such data is retained only for as long as necessary to fulfil the purposes described in this Privacy Policy or as required under applicable contractual obligations.

Data is retained only for as long as necessary to fulfil the purposes described in this Privacy Policy and in accordance with applicable legal and contractual obligations, as specified in Section 3 (Data Retention).

11. Your Rights Under GDPR

You have the following rights regarding your personal data:

  • Right of access
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time

You also have the right to lodge a complaint with the supervisory authority in Italy:
Garante per la Protezione dei Dati Personali

12. Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction.

However, no method of transmission over the internet is completely secure.

13. Third-Party Services

Our services may include integrations with third-party platforms such as event management systems and analytics providers.

These third parties operate under their own privacy policies, and we encourage you to review them separately.

We are not responsible for the privacy practices of third-party services.

14. Children’s Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect or process personal data from minors.

If we become aware that personal data has been collected from an individual under the applicable minimum age without appropriate authorisation, we will take reasonable steps to delete such data promptly.

If parental consent is required under applicable law, we may request verification of such consent before processing any personal data relating to minors.

15. Photos and Event Media

During the organisation and execution of our events, we may collect and process photographs, video recordings, and similar media content.

This processing is carried out for:

  • documenting our events and activities
  • communicating and reporting on our services
  • promoting our events and organisation through appropriate communication channels, including our website and social media platforms

The legal basis for this processing is:

  • consent, for identifiable photography and video used for promotional purposes;
  • Garante per la Protezione dei Dati Personali

Where processing is based on legitimate interest, you have the right to object to the use of your personal data, including images or recordings, at any time by contacting us at info@kreativdistrikt.com.

We take reasonable measures to ensure that such content is used responsibly and in a manner that respects your privacy.

Data is retained only for as long as necessary to fulfil the purposes described in this Privacy Policy and in accordance with applicable legal and contractual obligations, as specified in Section 3 (Data Retention).

16. Changes to This Policy

We may update this Privacy Policy from time to time.

Updates will be published on this page, and the “Last updated” date will be modified accordingly.

17. Contact

For any questions regarding this Privacy Policy, you can contact us at:

Email: info@kreativdistrikt.com

 

You can check here our Terms and Conditions.